CVE-2025-14636

CVSS v3.1

3.7

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Tenda AX9 version 22.03.01.46

Description A security flaw exists in the

image check

function within the

httpd

component of Tenda AX9 version 22.03.01.46. This issue involves the use of a weak hash, allowing for remote attacks. The attack is considered to have a high complexity level and is difficult to exploit. The exploit for this issue has been publicly released and may be used for malicious purposes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327CWE-328

Related Identifiers

CVE-2025-14636

Affected Products

Tenda Ax9

CVE-2025-14636

Weakness Enumeration

Related Identifiers

Affected Products

References · 11